CVE-2025-52186 | Lichess lila 2025-06-02 Game Export API players server-side request forgery

A vulnerability described as critical has been identified in Lichess lila 2025-06-02. The impacted element is an unknown function of the component Game Export API. Such manipulation of the argument players leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2025-52186. The attack can be launched remotely. No exploit exists.

It is advisable to implement a patch to correct this issue.VulDB Recent EntriesRead More